> It is NOT secure neither a real blockchain and you should NOT use this for anything else than educational purposes.

It would be nice if non-secure parts of implementation or design were clearly marked.

What's the point of education article, if bad examples aren't clearly marked as bad? If MD5 usage is the only issue, author could easily replace it with SHA and get rid of the warning at the start. If there are other issues, how can a reader know which parts to trust?

Even if fixing bad/insecure parts are "left as an exercise for the reader", learning value of the article would be much greater if those parts would be at least pointed at.

erikb is spot on in the sibling comment. This hasn't been expert-reviewed, hasn't been audited so I'm pretty confident there is a bug somewhere that I don't know about.

It's educational in the sense that I tried as best a I could to implement the various algorithmic parts (mining, validating blocks & transactions, etc...).

I originally used MD5 because I thought I would do more exploration regarding difficulty and MD5 is faster to compute than SHA. In the end, I didn't do that exploration, so I could easily replace MD5 with SHA. I'll update the notebook to use SHA, but I'm still not gonna remove the warning :)

I'll also try to point out more explicitly which parts I think are not secure.

* Miners can perform DoS by creating a pair of blocks referencing each other (recursive call in verify_block is made before any sanity checks or hash checks, so they can modify block's ancestor without worrying about changing its hash).

* mine method can loop forever due to integer overflow.

* Miners can put in block a transaction with output sum greater than input sum - only place where it is checked is in compute_fee and no path from verify_block leads there.

Being secure is the lack of attack surface. So it's really hard to say. Often what hits you is something you haven't considered.

So what the author is saying he doesn't take responsibility for when you use the result of his work and get problems. If you want to act responsibly build a team of different experts, have tests for security scenarios, have automated tests, from time to time pay people to attack your system and show the weaknesses you have.

Or, do it like 99.9% of people and just accept that there are risks but don't try to put resulting failures on people who provide free solutions for you online.

PS: Incorporation is a good way to protect yourself. Then having even ineffective due diligence processes is enough to protect your personal life from the risks of doing business.

HN is a tough crowd to please. Without the disclaimer, I guarantee you that the top comment would have been one requesting the author to add one, along with a warning about not writing your own crypto.

It's not about this warning. It's about that it's the only warning. From the intro and from discussion here on HN, I imply author knows about other shortcuts made for the sake of simplicity/explanation/readability - I just wished those shortcuts were pointed at more directly in the article, instead of blanket disclaimer.

For the last couple of months, there have been many educational, simple implementations that explains blockchain technology, I guess thanks to crypto bubble. I wish these were around when we were doing our senior design project on blockchains in 2014. Back then, I only could find basiccoin[0], which was purely minified to just fit in 1000 loc.

After that, I decided to re-implement everything from scratch. My foremost constraint was to write readable code so that anyone could read the codebase and have an idea of how blockchain works.

My current draft of implementation can be found on https://github.com/halilozercan/halocoin , which currently lacks detailed README and documentation. However, you can still experiment with it by using API or CLI. I'm running a dedicated server to have an always online peer you can connect to.

Note that Bitcoin does two rounds of SHA256 rather than one round of MD5. There's also a "P2P DHT" (peer-to-peer distributed hash table) for storing and retrieving blocks from the blockchain; instead of traditional database multi-master replication and secured offline backups.

Regarding the error, they are logged when a verify_block/transaction returns False, just to be a bit more explicit about what failed. In a real implementation, I guess you would throw exceptions instead (or use some Result pattern), but I tried and it cluttered the code quite a bit, so I went back to logging.

My mistake, it's BitTorrent that has a DHT. Instead of finding the most network local peer with the block identified by a (prev_hash, hash) hash table key, the Bitcoin blockchain broadcasts all messages to all nodes; which must each maintain a complete backup of the entire blockchain.

FYI: Great blockchain (from sratch) starter article. At the Awesome Blockchains page [1] I collect starter blockchains and articles (in Python, Ruby, JavaScript, etc.) the idea is the best way to learn about blockchains is to do-it-yoursef - build your own blockchains from scratch. Great example. Keep it up. Cheers.
[1] https://github.com/openblockchains/awesome-blockchains

Note it uses MD5 hash instead of SHA256 so not exactly bitcoin. I wonder how much more work would be to make the code fully implement bitcoin. Will it still be readable? Or Etherium? Would be great value for understanding even if Python would be inefficient to run in prod.

Fully implementing Bitcoin white paper would require moderate amount of work if you do not consider every little detail related to security of your client code. However, current Bitcoin protocol added many features such as scripting.

I think one can maintain code readability in a python implementation but documentation is the key here. Developer needs to clearly state the objective of each function.

For ethereum, you need one external element called: Ethereum Virtual Machine. Smart Contracts are basically byte code that runs on EVM. Without it, blockchain cannot function. So, ethereum development may require extra knowledge on top of blockchain technology.

also, not sure why folks are nitpicking about minor things like security disclaimers, number of sha256 hashes, md5, etc. while ignoring nontrivial gaps (eg no merkle dags, one of the cornerstone concepts).

You're right about Merkle tree. This is a whole section of the bitcoin paper and it's pretty important. But as far as I understand, it's "only" an optimization to save disk space, so it doesn't change the underlying logic.

So is there a non educational implementation of blockhain that someone could use/parametrize/configure? Something that is not educational but more industrial strength? What must someone do to convert an educational implementation to a serious one?